πͺ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
β969Jan 10, 2025Updated last year
Alternatives and similar repositories for cookiemonster
Users that are interested in cookiemonster are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applicationsβ1,297Aug 7, 2025Updated 7 months ago
- Hidden parameters discovery suiteβ2,038Sep 8, 2024Updated last year
- Contextual Content Discovery Toolβ3,128Apr 29, 2024Updated last year
- Extract URLs, paths, secrets, and other interesting bits from JavaScriptβ1,785May 22, 2024Updated last year
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..eβ¦β1,029Feb 22, 2026Updated last month
- Wordpress hosting with auto-scaling on Cloudways β’ AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Obtain GraphQL API schema even if the introspection is disabledβ1,412Dec 5, 2025Updated 3 months ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-iconβ1,296Jan 26, 2024Updated 2 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.β4,860Mar 20, 2026Updated last week
- Rust-based high performance domain permutation generator.β299Dec 2, 2023Updated 2 years ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β6,113Aug 14, 2024Updated last year
- Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!β1,337Mar 5, 2026Updated 3 weeks ago
- declutters url lists for crawling/pentestingβ1,538Feb 23, 2025Updated last year
- Filter and enrich a list of subdomains by levelβ213Sep 25, 2023Updated 2 years ago
- Pull out bits of URLs provided on stdinβ1,296Aug 12, 2023Updated 2 years ago
- End-to-end encrypted email - Proton Mail β’ AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerabilityβ959Dec 31, 2021Updated 4 years ago
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hacβ¦β1,155Jan 21, 2026Updated 2 months ago
- Reverse proxies cheatsheetβ1,855Nov 4, 2023Updated 2 years ago
- IIS shortname scanner written in Goβ355Mar 25, 2023Updated 3 years ago
- Prototype Pollution and useful Script Gadgetsβ1,601Jan 27, 2024Updated 2 years ago
- Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pagβ¦β529Apr 23, 2025Updated 11 months ago
- Gotator is a tool to generate DNS wordlists through permutations.β508Jul 17, 2022Updated 3 years ago
- An IIS short filename enumeration toolβ1,132Nov 25, 2024Updated last year
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable β¦β755Dec 19, 2023Updated 2 years ago
- Managed Database hosting by DigitalOcean β’ AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3β2,068Jan 2, 2024Updated 2 years ago
- Fleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.β267Feb 5, 2026Updated last month
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelβ¦β1,052Jan 3, 2025Updated last year
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!β987Jan 12, 2024Updated 2 years ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one plβ¦β1,040Aug 23, 2025Updated 7 months ago
- Content-Type Researchβ659Jun 29, 2025Updated 8 months ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secretsβ1,533Mar 8, 2026Updated 2 weeks ago
- Client Side Prototype Pollution Scannerβ523Sep 17, 2022Updated 3 years ago
- β563Mar 27, 2025Updated last year
- Bare Metal GPUs on DigitalOcean Gradient AI β’ AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- A tool to perform permutations, mutations and alteration of subdomains in golang.β156Nov 24, 2023Updated 2 years ago
- A rapid API for the Project Sonar datasetβ658May 5, 2023Updated 2 years ago
- β695Jul 4, 2022Updated 3 years ago
- Burp extension to create target specific and tailored wordlist from burp history.β256Dec 8, 2021Updated 4 years ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. π¦β660Aug 28, 2025Updated 6 months ago
- Making Favicon.ico based Recon Great again !β1,269Aug 29, 2023Updated 2 years ago
- Rockyou for web fuzzingβ3,094Mar 11, 2026Updated 2 weeks ago